Created on 09-27-2018 08:18 AM Edited on 10-27-2023 05:37 AM By Anthony_E
Description
Solution
Issue: Scan is failing because a Registry-Keys Custom Scan is failing.
To determine why the scan is failing it is possible to select over the failing Scan and a new window will pop up with the list of failing tests:
The full path of Regedit in this example is: Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters and it can be configured while choosing the drop down in Hive [HKEY_LOCAL_MACHINE] and than fill the Key Name starting with SYSTEM\
On the affected host itself, bring up Regedit and navigate to the location of the specified Key.
Solution: Change Key value in scan to match the key value in host (if host is indeed using the correct intended key). The scan now will succeed.
In case when debug is needed, enabling the following debug from FNAC CLI may show more details of what is seen in GUI:
> nacdebug -name AgentServer true
> logs
> tf output.nessus
yams.AgentServer FINER :: 2023-10-27 14:20:51:736 :: #37 :: addScanReport checkState = true
yams.AgentServer FINER :: 2023-10-27 14:20:51:736 :: #37 :: addScanReport() epcConfig - 1
yams.AgentServer FINER :: 2023-10-27 14:20:51:736 :: #37 :: addScanReport() pass - Anti-Virus :: Microsoft Windows Defender
yams.AgentServer FINER :: 2023-10-27 14:20:51:736 :: #37 :: addScanReport() pass - Anti-Virus :: Microsoft Windows Defender Engine Updates
yams.AgentServer FINER :: 2023-10-27 14:20:51:736 :: #37 :: addScanReport() pass - Anti-Virus :: Microsoft Windows Defender Signatures
yams.AgentServer FINER :: 2023-10-27 14:20:51:736 :: #37 :: addScanReport() pass - Anti-Virus :: Windows Defender Real-time Protection Check
yams.AgentServer FINER :: 2023-10-27 14:20:51:736 :: #37 :: addScanReport() pass - Anti-Virus :: Fortinet - FortiClient
yams.AgentServer FINER :: 2023-10-27 14:20:51:736 :: #37 :: addScanReport() pass - Operating-System :: Windows 10 x64
yams.AgentServer FINER :: 2023-10-27 14:20:51:736 :: #37 :: addScanReport() pass - Operating-System :: Windows 10 x64 Version
yams.AgentServer FINER :: 2023-10-27 14:20:51:736 :: #37 :: addScanReport() pass - Operating-System :: Windows 10 x64 Edition
yams.AgentServer FINER :: 2023-10-27 14:20:51:736 :: #37 :: addScanReport() pass - Operating-System :: Windows 10 x64 Critical and Security Updates
yams.AgentServer FINER :: 2023-10-27 14:20:51:736 :: #37 :: addScanReport() pass - Operating-System :: Windows 10 x64 Network Bridges
yams.AgentServer FINER :: 2023-10-27 14:20:51:736 :: #37 :: addScanReport() pass - Operating-System :: Trigger SCCM Evaluation
yams.AgentServer FINER :: 2023-10-27 14:20:51:736 :: #37 :: addScanReport() pass - Operating-System :: Windows 10 x64 AutoUpdates Label
yams.AgentServer FINER :: 2023-10-27 14:20:51:736 :: #37 :: addScanReport() pass - Custom::Mos e hap paint-in
yams.AgentServer FINER :: 2023-10-27 14:20:51:736 :: #37 :: addScanReport() pass - Custom::Mbaj hapur notepad-in
yams.AgentServer FINER :: 2023-10-27 14:20:51:736 :: #37 :: addScanReport() pass - Custom::Domain in Adapter
yams.AgentServer FINER :: 2023-10-27 14:20:51:736 :: #37 :: addScanReport() passedPolicy - true
yams.AgentServer FINER :: 2023-10-27 14:20:51:736 :: #37 :: addScanReport() webIPAddress - 10.1.3.11
yams.AgentServer FINER :: 2023-10-27 14:20:51:736 :: #37 :: addScanReport() uid - 9EE5AJSEBK55A5WM
yams.AgentServer FINER :: 2023-10-27 14:20:51:736 :: #37 :: userID after decoding = gimi
yams.AgentServer FINER :: 2023-10-27 14:20:51:736 :: #37 :: addScanReport() policy - f-Corporate-Scan
yams.AgentServer FINER :: 2023-10-27 14:20:51:736 :: #37 :: addScanReport() hw_name - win10-ffm
yams.AgentServer FINER :: 2023-10-27 14:20:51:736 :: #37 :: addScanReport() os - Windows 10 Pro 6.3 22H2 10.0.19045.3570
yams.AgentServer FINER :: 2023-10-27 14:20:51:736 :: #37 :: addScanReport(): userID = gimi
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.